Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91676E2/2259A186D85411ECB9E1E486C4F9AE02/3A87C676D85D11ECA651B731C4F9AE02.roa
File: 3A87C676D85D11ECA651B731C4F9AE02.roa (raw, json)
Hash identifier: ogptJwTqs/ke4Y356XfCvYtq4CTq4fXoqVOzTV30l4g=
Subject key identifier: 90:FD:66:87:D4:9A:4A:D6:12:E9:5D:11:BF:22:60:6B:5D:6C:08:79
Certificate issuer: /CN=A91676E2/serialNumber=3344A43960DC4A4773BB1DF0FF038DF4160F357A
Certificate serial: 028B
Authority key identifier: 33:44:A4:39:60:DC:4A:47:73:BB:1D:F0:FF:03:8D:F4:16:0F:35:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M0SkOWDcSkdzux3w_wON9BYPNXo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91676E2/2259A186D85411ECB9E1E486C4F9AE02/3A87C676D85D11ECA651B731C4F9AE02.roa
Signing time: Sun 06 Oct 2024 06:48:30 +0000
ROA not before: Sun 06 Oct 2024 06:48:30 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 149806
IP address blocks: 103.186.216.0/24 maxlen: 24
103.186.217.0/24 maxlen: 24
2400:7520::/32 maxlen: 32
2400:7520::/36 maxlen: 36
2400:7520:1000::/36 maxlen: 36
2400:7520:2000::/35 maxlen: 36
2400:7520:4000::/34 maxlen: 36
2400:7520:8000::/33 maxlen: 36
Validation: Failed, certificate revoked on Sun 06 Oct 2024 15:36:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 651 (0x28b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91676E2/serialNumber=3344A43960DC4A4773BB1DF0FF038DF4160F357A
Validity
Not Before: Oct 6 06:48:30 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=670232be-380a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ac:b4:35:01:e9:d0:76:60:78:08:70:43:86:
89:69:ea:60:cd:0d:94:21:01:f4:9b:51:9b:3a:30:
0a:99:0a:b1:60:1b:c1:33:99:d6:67:d5:fa:50:a3:
84:4d:41:0d:d3:3e:9e:03:69:f5:2b:63:db:2d:8d:
79:5b:ca:47:b0:13:2a:f5:6a:be:3f:8e:ba:eb:7c:
a9:b8:79:ee:6c:d5:4e:85:53:2c:b4:da:65:ed:6c:
91:92:db:93:88:07:7f:c3:dc:d9:08:4c:56:21:ab:
89:04:96:39:da:ad:ba:25:75:d5:45:3f:b6:d9:44:
fb:a3:a0:19:24:24:9b:e4:76:34:38:15:1c:88:c6:
86:5e:db:76:6b:b0:2f:0c:32:ad:72:de:d3:5a:9b:
96:e0:65:d4:ad:57:e6:20:a2:ea:a4:e6:5f:22:42:
4b:97:c0:2c:ac:76:19:e9:08:b3:b3:d2:5c:e6:cd:
6f:e6:fa:bf:5e:05:b7:59:80:cb:f4:ce:38:51:3a:
3e:e4:e1:9c:85:35:3c:54:d9:84:c4:68:5d:9f:49:
30:a5:35:b8:a0:c5:14:25:d3:ef:ff:a8:d5:b3:8d:
5e:4d:4b:56:72:e7:40:8d:7d:db:e7:b4:0a:30:aa:
eb:bf:b7:e0:5f:3f:2c:21:30:9d:34:d7:a5:7a:d7:
32:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FD:66:87:D4:9A:4A:D6:12:E9:5D:11:BF:22:60:6B:5D:6C:08:79
X509v3 Authority Key Identifier:
keyid:33:44:A4:39:60:DC:4A:47:73:BB:1D:F0:FF:03:8D:F4:16:0F:35:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91676E2/2259A186D85411ECB9E1E486C4F9AE02/M0SkOWDcSkdzux3w_wON9BYPNXo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M0SkOWDcSkdzux3w_wON9BYPNXo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91676E2/2259A186D85411ECB9E1E486C4F9AE02/3A87C676D85D11ECA651B731C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.216.0/23
IPv6:
2400:7520::/32
Signature Algorithm: sha256WithRSAEncryption
82:6c:af:01:d9:7e:99:d4:98:66:4d:f0:9b:11:6f:41:54:cd:
4e:e2:a3:3f:22:f5:d6:05:4d:4f:f3:e1:ef:04:f9:57:f2:a6:
2e:6e:98:80:e5:dd:3b:4c:ba:24:98:79:09:52:4b:07:f9:bc:
1c:dc:40:26:2c:9b:0b:4a:27:bf:e2:09:9a:e0:f7:f4:cb:53:
86:c0:16:b5:14:a8:59:f5:bd:1e:90:84:a9:04:6d:4b:d9:3e:
7e:e1:02:27:b0:f1:d0:1e:15:a7:88:c5:07:e8:82:0d:3b:a7:
e8:6f:7f:53:6e:56:88:d4:63:e2:15:02:80:f0:32:1c:04:fd:
47:63:e9:7c:ba:e8:5e:c5:9f:5a:7e:0a:4d:34:11:3b:4c:2a:
45:ff:52:d7:40:62:ef:ab:95:d2:45:5d:67:f7:8f:e2:4c:b1:
c0:7c:81:33:e3:38:50:11:40:b2:81:f5:08:ce:59:63:be:b6:
8d:09:f8:df:c3:f3:51:01:cf:5a:06:bc:8a:67:b2:9b:45:b0:
6f:54:f1:59:49:7b:dd:65:62:4a:85:0c:52:66:57:1b:7d:46:
b9:e4:a5:6f:81:13:a5:39:23:7b:77:1b:bc:5d:58:19:88:d1:
d8:24:52:11:41:b9:a4:d0:4d:e3:06:a3:5e:04:8e:95:36:fd:
35:bd:df:50
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njc2RTIxMTAvBgNVBAUTKDMzNDRBNDM5NjBEQzRBNDc3M0JCMURGMEZGMDM4REY0
MTYwRjM1N0EwHhcNMjQxMDA2MDY0ODMwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzAyMzJiZS0zODBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt6y0NQHp0HZgeAhwQ4aJaepgzQ2UIQH0m1GbOjAKmQqxYBvBM5nWZ9X6UKOE
TUEN0z6eA2n1K2PbLY15W8pHsBMq9Wq+P46663ypuHnubNVOhVMstNpl7WyRktuT
iAd/w9zZCExWIauJBJY52q26JXXVRT+22UT7o6AZJCSb5HY0OBUciMaGXtt2a7Av
DDKtct7TWpuW4GXUrVfmIKLqpOZfIkJLl8AsrHYZ6Qizs9Jc5s1v5vq/XgW3WYDL
9M44UTo+5OGchTU8VNmExGhdn0kwpTW4oMUUJdPv/6jVs41eTUtWcudAjX3b57QK
MKrrv7fgXz8sITCdNNeletcyJwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJD9ZofU
mkrWEuldEb8iYGtdbAh5MB8GA1UdIwQYMBaAFDNEpDlg3EpHc7sd8P8DjfQWDzV6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzZFMi8yMjU5QTE4NkQ4
NTQxMUVDQjlFMUU0ODZDNEY5QUUwMi9NMFNrT1dEY1NrZHp1eDN3X3dPTjlCWVBO
WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL00wU2tPV0RjU2tkenV4M3dfd09OOUJZUE5Yby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njc2RTIvMjI1OUExODZEODU0MTFFQ0I5RTFFNDg2QzRGOUFFMDIvM0E4N0M2NzZE
ODVEMTFFQ0E2NTFCNzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnutgwDQQCAAIwBwMFACQAdSAwDQYJKoZIhvcNAQELBQAD
ggEBAIJsrwHZfpnUmGZN8JsRb0FUzU7ioz8i9dYFTU/z4e8E+Vfypi5umIDl3TtM
uiSYeQlSSwf5vBzcQCYsmwtKJ7/iCZrg9/TLU4bAFrUUqFn1vR6QhKkEbUvZPn7h
Aiew8dAeFaeIxQfogg07p+hvf1NuVojUY+IVAoDwMhwE/Udj6Xy66F7Fn1p+Ck00
ETtMKkX/UtdAYu+rldJFXWf3j+JMscB8gTPjOFARQLKB9QjOWWO+to0J+N/D81EB
z1oGvIpnsptFsG9U8VlJe91lYkqFDFJmVxt9RrnkpW+BE6U5I3t3G7xdWBmI0dgk
UhFBuaTQTeMGo14EjpU2/TW931A=
-----END CERTIFICATE-----
Generated at Sun Oct 6 21:05:55 2024 by rpki-client on console-ams.rpki-client.org